CVE-2019-8956

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-freeerror in the "sctp_sendmsg()" function (net/sctp/socket.c) when handlingSCTP_SENDALL flag can be exploited to corrupt memory.

Ubuntu-Description

Jakub Jirasek discovered a use-after-free vulnerability in the SCTPimplementation in the Linux kernel. A local attacker could use this tocause a denial of service (system crash) or possibly execute arbitrarycode.